/*package com.szu.subject.ui.security;

import java.util.ArrayList;
import java.util.List;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

import com.szu.subject.domains.Student;
import com.szu.subject.domains.User;
import com.szu.subject.ui.service.StudentService;
import com.szu.subject.ui.service.UserService;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	@Autowired
	private UserService userService;
	@Autowired
	private StudentService studentService;
	
	private static Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);

//	@Autowired SpringSessionBackedSessionRegistry sessionRegistry;

	
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.csrf().disable().headers().frameOptions().sameOrigin()
		.and().authorizeRequests()
				.antMatchers("/login", "/logout","/resources/**","/chpassword").permitAll().anyRequest().fullyAuthenticated().and()
//				.exceptionHandling().accessDeniedPage("/main").and()
				.formLogin().defaultSuccessUrl("/main")
				.loginPage("/login").failureUrl("/login?error").and().rememberMe().key("remember-me")
				.and().logout().logoutSuccessUrl("/login");
	}

	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//		auth.userDetailsService(userDetailsService()).passwordEncoder(passwordEncoder());
		auth.userDetailsService(userDetailsService());
	}

	@Bean
	protected ShaPasswordEncoder passwordEncoder() {
		return new ShaPasswordEncoder();
	}
	
	@Bean
	protected UserDetailsService userDetailsService() {
		return new UserDetailsService() {

			@Override
			public UserDetails loadUserByUsername(String account) throws UsernameNotFoundException {
				logger.info(account);
				if(account.length()<7){
					User user = userService.getUserByAccount(account);
					if (user != null) {
						List<SimpleGrantedAuthority> authorities = new ArrayList<>();
						authorities.add(new SimpleGrantedAuthority(user.getRole()));
						return user;
					} else
						throw new UsernameNotFoundException("could not find the user " + account);
				}
				else {
					Student student=studentService.getStudentByAccount(account);
					if (student != null) {
						List<SimpleGrantedAuthority> authorities = new ArrayList<>();
						authorities.add(new SimpleGrantedAuthority("student"));
						return student;
					} else
						throw new UsernameNotFoundException("could not find the user " + account);
				}
			}
		};
	}
}
*/